package com.spsoft.security.interceptor.handler;


import com.spsoft.core.annotation.AnonymousAccess;
import com.spsoft.core.constants.CacheConstant;
import com.spsoft.core.enums.ResponseEnum;
import com.spsoft.core.exception.AuthException;
import com.spsoft.core.model.bo.TokenUser;
import com.spsoft.vms.redis.RedisService;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.core.annotation.Order;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;
import java.util.Objects;


/**
 *  判断权限是否有权限访问
 *
 * @author cdl
 * @date 2023/11/09
 */
@Order(2)
@Component
@Slf4j
public class AuthMenuHandler extends AbstractAuthorityHandler {
    @Autowired
    private RedisService redisService;
    @Override
    void processHandler(TokenUser user, HttpServletRequest request, AnonymousAccess authority){
        if(Objects.nonNull(user)){
            boolean r = redisService.isValueInSet(CacheConstant.SYS_CACHE_MENU_AUTH + user.getRoleId(), authority.permissionCode());
            if(!r){
               log.error ("用户[{}],当前岗位id[{}]没有访问权限[{}]", user.getUserCode(),user.getRoleId(), authority.permissionCode());
                throw new AuthException(ResponseEnum.AUTH_ERROR);
            }
        }else{
            throw new AuthException(ResponseEnum.AUTH_ERROR);
        }
    }


}
